As part of our site we are using paperclip to upload files however at
present these files are uploaded to an area using the line below.
has_attached_file :file, :path => ":rails_root/public/
application/:class/:id/:basename.:extension", :url => "#
{ActionController::Base.relative_url_root}/
application/:class/:id/:basename.:extension"
The link to this file is shown from a view that protected using hobo
permissions
acting_user.administrator? || owner_is?(acting_user) and by adding a
before filter to the controller as Patrcik suggested in another
thread.
However anybody can access:
http://127.0.0.1:3000/application/versions/1/patch1.zip
whereas I want to limt access to this file to just the same access
list as the view.
I think this is realted to routing but I'm sort of stuck at where to
start? Is this going to be more generic RoR stuff or paperclip
specific? If so I can ask elsewhere..
Thsi is one of my 2 remaining issues before I can go live... I'm going
to struggle on with the other for now but may be back with last query
next week :)
Thanks
Mark
--
You received this message because you are subscribed to the Google Groups "Hobo
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/hobousers?hl=en.
